Extra Extra! Announcing DR Global Latin America
Dark Reading has something new hitting the newsstand: a content section purpose-built for Latin American readers, featuring news, analysis, features, and multimedia.
Attackers Use Windows Screensavers to Drop Malware, RMM Tools
By tapping the unusual .scr file type, attackers leverage "executables that don't always receive executable-level controls," one researcher noted.
CISA Makes Unpublicized Ransomware Updates to KEV Catalog
A third of the "flipped" CVEs affected network edge devices, leading one researcher to conclude, "Ransomware operators are building playbooks around your perimeter."
Ransomware Gang Goes Full 'Godfather' With Cartel
DragonForce is taking cues from organized crime, emphasizing cooperation and coordination among ransomware gangs.
Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis
Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering.
Cyber Success Trifecta: Education, Certifications & Experience
Col. Georgeo Xavier Pulikkathara, CISO at iMerit, discusses the importance of fundamentals, continuous learning, and human ingenuity in the face of AI-driven cybersecurity evolution.
Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful
A disconnect exists between an organization's cybersecurity needs and lists like CISA's KEV Catalog. KEV Collider combines data from multiple open source vulnerability frameworks to help security teams quickly assess which are important, based on their priorities.
Agentic AI Site 'Moltbook' Is Riddled With Security Risks
Someone used AI to build an entire Web platform, which then did something predictable and preventable: It exposed all its data through a publicly accessible API.
EnCase Driver Weaponized as EDR Killers Persist
The forensic tool's driver was signed with a digital certificate that expired years ago, but major security gaps allowed Windows to load it.
OpenClaw's Gregarious Insecurities Make Safe Usage Difficult
Malicious "skills" and persnickety configuration settings are just some of the issues that security researchers have found when installing — and removing — the OpenClaw AI assistant.
Shai-hulud: The Hidden Costs of Supply Chain Attacks
Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify.
'Encrypt It Already' Campaign Pushes Big Tech to Prioritize E2E Encryption
The Electronic Frontier Foundation is urging major technology companies to follow through on their promises to implement end-to-end encryption (E2E) by default across their services, as privacy concerns mount amid increased AI use.